New resource helps FIs assess, address cyberthreat readiness
The Federal Financial Institutions Examination Council (FFIEC) has developed a Cybersecurity Assessment Tool to help FIs identify their risks and assess their cybersecurity strategies.
FIs of all sizes can use the assessment tool and other methodologies to inform their risk management planning, an announcement from the FFIEC said.
The release of the Cybsercurity Assessment Tool follows last year’s pilot assessment of cybersecurity preparedness at more than 500 institutions. FFIEC members plan to update the assessment as threats, vulnerabilities, and operational environments evolve.
In addition to the assessment, the FFIEC also has made available resources for FIs that include:
- an executive overview;
- a user’s guide;
- an online presentation explaining the assessment; and
- appendices that:
- map the assessment’s baseline maturity statements to the FFIEC Information Technology Examination Handbook;
- map all maturity statements to the National Institute of Standards and Technology’s Cybersecurity Framework; and
- provide a glossary of terms.
The Cybersecurity Assessment Tool is now available online.
The FFIEC offers several other cybersecurity resources on its website, as well.
FFIEC members encourage FIs to comment on the assessment through an upcoming Paperwork Reduction Act notice in the Federal Register.